Dynamic roles

[viztastic]

I have three roles that I would like to create:

• [ ] Student
• [ ] Teacher
• [ ] Admin

and one resource:

/api/users/:userId

• [ ] Students should only be allowed to access their user profile (e.g. Student 1 should only be able to access "api/users/Student1"
• [ ] Teachers can access their own user profile AND only the profiles of students that are in this teacher's classroom: /api/users/Teacher1 /api/users/Student1 /api/users/Student2
• [ ] Admins, on the other hand are able to view both Teacher and Student Profiles.

Is there a way to implement a custom function when creating the ACL role?

[eiabea]

I am currently running into the same issue, i have a route to delete all users, or just one

router.delete("/")
router.delete("/:id")

I set the permissions to

    {
      roles : ['user'],
      allows: [
        {resources: '/user/', permissions: '*'},
      ]
    }

Which allows any user to delete all users, but not a specific one